Research And Design On Data Sharing Schemes Using Attribute-based Encryption

Posted on: 2015-02-13 | Degree: Master | Type: Thesis
Country: China | Candidate: R Huang | Full Text: PDF
GTID: 2308330464966746 | Subject: Electronics and Communications Engineering
Abstract/Summary:
With the popularity of cloud computing, data outsourcing has become a trend. Outsourcing data storage offers great convenience, such as cost savings, faster processing and convenient data sharing, but it also raises a series of security challenges. To achieve data confidentiality when the servers are not fully trusted, data owners encrypt all data before uploading it to the servers. However, this impairs the efficiency and flexibility of retrieval. In addition, all existing data sharing schemes share a common application vulnerability: they allow the data owner to modify data without restriction, which calls the veracity of the data into question and sometimes fails to meet the demands of practical applications. Therefore, how to design a fast and flexible data sharing mechanism with privacy preservation has become a research hotspot.

To solve the above problems, this paper studies attribute-based encryption in depth. The work is as follows:

Firstly, encrypting sensitive data impairs the efficiency of retrieval. Thus, using the one-to-many encryption and fine-grained access control features of attribute-based encryption, this paper introduces an efficient multi-user searchable encryption scheme with forward and backward secrecy (EMSES), which is efficient as well as secure. Because it is based on attribute-based encryption, it can narrow the search scope. Forward secrecy is achieved by removing some entries from the user’s list, and backward secrecy is obtained by re-encrypting the ciphertext under the attribute group keys.

Secondly, existing data sharing schemes share a common application vulnerability that allows the data owner to modify data without restriction, which calls the veracity of the data into question and sometimes fails to meet the demands of practical applications. This paper presents a data sharing scheme with privilege separation, in which the veracity of the data can be ensured and flexible access control can be provided. Based on RSA-based proxy encryption, a new efficient privilege separation mechanism is introduced to ensure the veracity of the data; by exploiting attribute-based encryption, the data owner can define the access policy to achieve fine-grained access control.

Finally, with the wide application of cloud computing, outsourcing personal health record (PHR) data to third-party service providers has become a trend. However, existing schemes allow a patient to create, delete and modify EMR documents, which calls the veracity of patients’ EMR data into question, even resulting in some health accidents. Building on this data sharing scheme, this paper carries out further study and presents a new secure personal electronic medical record scheme with privilege separation under multi-owner settings, called SPEMR, to resolve the above dilemmas. With the proposed SPEMR scheme, each patient can fully control the authorization of access to their EMR documents, but only professionals have write keys.
Keywords/Search Tags: Attribute-based encryption, Access control, Privilege separation, Privacy preserving, Data sharing